1. What a cookie is and what similar technologies we use
A cookie is a small text file saved in your browser. Besides HTTP cookies, the platform also uses localStorage (data kept in the browser between visits) and sessionStorage (data kept only for the duration of a browsing session). All three technologies are inventoried below.
2. Inventory of identified proprietary technologies
The list below describes the proprietary technologies identified in the application at the time this draft was written. Before publication, an audit in the real production environment is also required, including technologies that may be set by third-party providers during payment, monitoring, or other active integrations.
refresh_token
HTTP cookieKeeps you logged in (renews the access token) without resending your password.
Operator: EventApp
Category: Strictly necessary
Duration: 30 days
Type: First-party
Consent: No — required
guest_id
HTTP cookieIdentifies a guest checkout session (purchase without an account).
Operator: EventApp
Category: Strictly necessary
Duration: 7 days
Type: First-party
Consent: No — required
mfa_challenge
HTTP cookieTemporarily secures an additional verification step when logging into accounts with elevated access.
Operator: EventApp
Category: Strictly necessary
Duration: 5 minutes
Type: First-party
Consent: No — required
mfa_setup
HTTP cookieTemporarily secures the setup of additional verification for accounts with elevated access.
Operator: EventApp
Category: Strictly necessary
Duration: 10 minutes
Type: First-party
Consent: No — required
rinotickets-theme
localStorageRemembers your visual theme preference (light/dark) between visits.
Operator: EventApp
Category: Preference
Duration: Until manually cleared from the browser
Type: First-party
Consent: Pending legal confirmation
gdpr_consent
localStorageRemembers your choice regarding cookie categories (necessary/analytics/marketing).
Operator: EventApp
Category: Strictly necessary
Duration: Until manually cleared, the choice is changed, or the consent mechanism version changes
Type: First-party
Consent: No — required
gdpr_consent_date
localStorageRecords the date you made the choice above, for record-keeping.
Operator: EventApp
Category: Strictly necessary
Duration: Until manually cleared from the browser or the choice is changed
Type: First-party
Consent: No — required
affiliate_code
sessionStorageRemembers, for the current browsing session, a referral code for the visit (e.g. a referral link), to attribute the order.
Operator: EventApp
Category: Functional (order session)
Duration: Current browser tab session (lost when the tab is closed)
Type: First-party
Consent: Pending legal confirmation
3. Inactive optional categories
The application code does not currently activate Google Analytics, Facebook Pixel, or other analytics or marketing technologies via the banner. These categories are not offered as options until there is a real implementation, a legal basis, and an updated inventory.
4. How you manage your choice
The banner informs you about necessary technologies and remembers your choice regarding optional categories. In the current version there are no active optional categories. You can reopen the dialog anytime from the "Cookie preferences" link in the footer, or clear local data from your browser settings.
5. Essential cookies and consent
Technologies strictly necessary for authentication, security, and performing a function requested by the user may be exempt from consent, under applicable law. The classification of the theme preference storage and the affiliate code must be legally confirmed before publication. Any non-essential technology introduced later must be blocked until a valid choice is expressed.